<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Dec 4, 2013 at 7:49 PM, Peter Teoh <span dir="ltr"><<a href="mailto:htmldeveloper@gmail.com" target="_blank">htmldeveloper@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">
<div class="im">On Mon, Dec 2, 2013 at 1:48 PM, Guibin(Bill) Tian <span dir="ltr"><<a href="mailto:gbtian@gmail.com" target="_blank">gbtian@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">Hi there,<div>Right now, I am trying to do such a thing.</div>
<div><br></div><div>If a computer has multiple interface A and B, assume the packet is from device A.</div>
<div>At ip layer, before the packet is transmitted to transport layer, I change the source address and destination address of the IP header and transmit to transport layer to pretend that this packet is from device B. Not sure whether this can work or not. </div>
</div></blockquote><div><br></div></div><div>feasible? yes, theoretically u can change IP address, but there is a problem. TCP port + IP address is combined together to uniquely identify which "socket" to pass to. And each socket is always associated with each process. if u change that the packet will be redirected to another process. (this process context identification is done in the upper layer of TCP, ie, in interrupt context the packet has not been associated with any process yet.)</div>
<div><br></div><div>and remember there is a checksum (TCP and IP) that need to be patched whenever u change anything.</div><div><br></div><div>not sure why u want to that, but I suspect Netfilter should fulfill your requirement as well?</div>
<div> </div></div></div></div></blockquote><div><br></div><div style>Sorry, not sure if the earlier explanation is clear to you?</div><div style><br></div><div style>So to be specific:</div><div style><br></div><div style>
in net/ipv4/tcp_ipv4.c:</div><div style><br></div><div style>This is from the ingress path (still executing in software interrupt context mode, ie, packet has not been assigned to any process yet, and so you can always modify the packet content):</div>
<div style><div><br></div><div>int tcp_v4_rcv(struct sk_buff *skb)</div><div>{</div><div> const struct iphdr *iph;</div><div> const struct tcphdr *th;</div><div> struct sock *sk;</div><div> int ret;</div>
<div> struct net *net = dev_net(skb->dev);</div><div><br></div><div> if (skb->pkt_type != PACKET_HOST)</div><div> goto discard_it;</div><div><br></div><div> /* Count it even if it's bad */</div>
<div> TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);</div><div><br></div><div> if (!pskb_may_pull(skb, sizeof(struct tcphdr))</div></div><div style><br></div><div style>and in include/net/sock.h:</div><div style><br>
</div><div style><div>/* This is the per-socket lock. The spinlock provides a synchronization</div><div> * between user contexts and software interrupt processing, whereas the</div><div> * mini-semaphore synchronizes multiple users amongst themselves.</div>
<div> */</div><div>typedef struct {</div><div> spinlock_t slock;</div><div> int owned;</div><div> wait_queue_head_t wq;</div><div> /*</div><div><br></div>
<div style>To modify the packet, you can either do it before the above function, or after the function, but before the packet gtet assigned to its rightful owner. ****MY GUESS*****!!!!</div></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr">
<div><br></div><div>There are other interface specific information in the skb structure like the net_device member. If I pass the packet to transport layer only with my proposed modification, will the application's sockehit detect this? I didn't look into the socket match code, not sure if the socket match will check other information in skb struct beside the ip address and port number.</div>
<div class="im">
<div><br></div><div>Thanks for your help.</div><span><font color="#888888"><div><br></div><div>Bill</div></font></span></div></div>
<br>_______________________________________________<br>
Kernelnewbies mailing list<br>
<a href="mailto:Kernelnewbies@kernelnewbies.org" target="_blank">Kernelnewbies@kernelnewbies.org</a><br>
<a href="http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies" target="_blank">http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies</a><br>
<br></blockquote></div><span class=""><font color="#888888"><br><br clear="all"><div><br></div>-- <br>Regards,<br>Peter Teoh
</font></span></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>Regards,<br>Peter Teoh
</div></div>